OPNsense Forum

English Forums => 24.7 Production Series => Topic started by: Arno on November 18, 2024, 12:19:02 pm

Title: VPN Provider - How to go from legacy client to client instance
Post by: Arno on November 18, 2024, 12:19:02 pm

Hi everyone,

For my internet access I use a well known OpenVPN provider. Muliple legacy clients (for multiple countries) are configured. Works fine. How do I go from legacy clients to client instances?

Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: DEC670airp414user on November 18, 2024, 01:23:41 pm

Follow the same steps.    I’ve moved entirely to instances and have noticed a slight performance increase

Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: Arno on November 18, 2024, 05:56:42 pm

Do I have to use the Authority of the VPN provider? Can't select it in the Trust section when creating a client instance.

Role: Client
Protocol: UDP
Type: TUN
Remote; <vpnserver>:<port>
User: xxxxx
Password: xxxxx

What else?

Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: DEC670airp414user on November 18, 2024, 10:07:52 pm

Yeah everything you used before

VPN- openvpn- instances - static keys lists auth

Title: Re: VPN Provider - How to go from legacy client to client instance
Post by: dseven on November 18, 2024, 11:13:48 pm

One thing I've not found a way to do with OpenVPN instances is specify "data-ciphers". I occassionally use a VPN provider that's probably not keeping their server side up to date, and requires AES-256-CBC. I can hack around it with Advanced configuration in legacy clients, but that mechanism (custom options) is not available with instances, as apparently it's been deemed insecure.